CVE-2007-4308 (retired)

The (1) aac_cfg_open and (2) aac_compat_ioctl functions in the SCSI layerioctl path in aacraid in the Linux kernel before 2.6.23-rc2 do not checkpermissions for ioctls, which might allow local users to cause a denial ofservice or gain privileges.